19.6.3. S/MIME Support

S/MIME is a specification for secure electronic mail. S/MIME stands for Secure/Multipurpose Internet Mail Extensions and was designed to add security to e-mail messages in MIME format. The security services offered are authentication (using digital signatures) and privacy (using encryption).

The S/MIME specification consists of two documents: S/MIME Message Specification (RFC 2311) and S/MIME Certificate Handling (RFC 2312) . Both of these are Internet Drafts. The S/MIME community has submitted these to the IETF. The goal is to form a working group and produce an Internet standard.

All certificates and private keys are read and stored as PEM encoded strings. If the server is compiled without SSL support then dummy versions of smime_sign, smime_verify, pem_certificates_to_array and get_certificate_info are available so that existing SQL code would not be broken. Currently the Virtuoso server supports S/MIME signing and S/MIME signature verification. These are done through the following 2 functions:



A useful utility function for S/MIME support is: